AuthenticationMethod
- Last Updated: July 4, 2024
- 3 minute read
- DataDirect Connectors
- JDBC
- Microsoft SQL Server 6.0
- Documentation
Purpose
Determines which authentication method the driver uses when establishing a connection.
Valid values
activeDirectoryPassword | ActiveDirectoryServicePrincipal | auto | kerberos |
ntlm | ntlmjava | ntlm2java | userIdPassword | ActiveDirectoryManagedIdentity
Behavior
If set to ActiveDirectoryPassword, the
driver uses Entra ID user name and password authentication when establishing a
connection to Azure. In addition to specifying a user ID and password, a value must
be specified for the HostNameInCertificate property. All communications to the
service are encrypted using SSL.
If set to ActiveDirectoryServicePrincipal, the driver uses Entra ID service
principal user authentication when establishing a connection to Azure. This setting
requires the ActiveDirectoryPrincipalID and ActiveDirectoryPrincipalSecret
properties to be specified. All communications to the service are encrypted using
SSL.
If set to ActiveDirectoryManagedIdentity,
the driver uses managed identity authentication when establishing a connection and
accessing Entra ID resources. The User property provides the client ID of the user
assigned managed identity. If a user is not specified, the driver authenticates
using a system-assigned managed identity.
If set to auto, the driver uses SQL Server
authentication, access token authentication, or Kerberos authentication based on the
following criteria.
- If a user ID and password is specified, the driver uses SQL Server authentication when establishing a connection. The User property provides the user ID. The Password property provides the password.
- If a user ID and password is not specified, the driver uses Kerberos authentication when establishing a connection.
- If an access token value is specified, then authentication using the access token takes precedence over other authentication methods. Refer to Access token authentication for details.
If set to kerberos, the driver uses Kerberos
authentication when establishing a connection. The driver ignores any values
specified by the User and Password properties. The driver uses the authentication
technology based on the value specified for the LoginConfigName property to
establish a Kerberos connection.
If set to ntlm, the driver uses NTLM authentication if the DLL
required for NTLM authentication can be loaded. If the driver cannot load the DLL,
the driver throws an exception. User ID and password are optional. If user ID and
password are specified, those credentials will be used. Otherwise, the current OS
user credentials will be used. This value is supported for Windows clients only.
If set to ntlmjava, the driver uses NTLMv1 or
NTLMv2 depending on the size of the NTLM password. NTLMv1 is used if the password is
14 bytes or less; NTLMv2 is used if the password is more than 14 bytes. A user ID
and password must also be specified. If the user ID and password are unspecified,
the driver throws an exception. In addition, the driver requires the name of the
domain server that administers the database server. You can specify it using the
Domain property. If the Domain property is unspecified, the driver attempts to
determine the domain server name from the User property. If no domain is specified,
the driver throws an exception.
If set to ntlm2java, the driver uses NTLMv2
authentication. A user ID and password must also be specified. If the user ID and
password are unspecified, the driver throws an exception. In addition, the driver
requires the name of the domain server that administers the database server. You can
specify it using the Domain property. If the Domain property is unspecified, the
driver attempts to determine the domain server name from the User property. If no
domain is specified, the driver throws an exception.
If set to userIdPassword, the driver uses
SQL Server authentication when establishing a connection. The User property provides
the user ID. The Password property provides the password. If a user ID is not
specified, the driver throws an exception.
Notes
- If your are configuring your environment for Kerberos constrained
delegation, AuthenticationMethod must be set to
kerberos. - The User property provides the user ID. The Password property provides the password.
- When using Entra ID authentication (
AuthenticationMethod=ActiveDirectoryPassword), the driver requires root CA certificates to establish an SSL connection to a database. The driver determines the location of the truststore containing the required certificates by using the default JRE cacerts file, unless a different file has been specified by thejavax.net.ssl.trustStoreJava system property. The truststore location cannot be specified using the driver's Truststore property. - If you specify
AuthenticationMethod=ntlmjavawhen the LMCompatabilityLevel has been restricted to NTLMv2, an error will be returned. When the LMCompatabilityLevel has been restricted to NTLMv2, AuthenticationMethod must be set tontlm2java.
Data source method
public String
getAuthenticationMethod()
public void
setAuthenticationMethod(String)
Default
auto
Data type
String